package com.lee.mysql.config;

import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.mgt.SessionsSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import java.util.LinkedHashMap;

@Configuration
public class SpringShiroConfig {


    /**
     * 配置Realm对象交给spring管理
     */
    @Bean
    public Realm realm() {
        return new ShiroUserRealm();
    }

    /* 配置缓存管理器
     * 注意shiroCacheManager名称不能使用cacheManager会和spring自带的冲突
     */
    @Bean
    protected CacheManager shiroCacheManager() {
        return new MemoryConstrainedCacheManager();
    }

    /**
     * 配置过滤器工厂Bean对象,配置过滤规则
     */
    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();

        //定义MAP指定请求过滤规则
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
        // anon的是静态资源，允许匿名访问
        map.put("/static/**", "anon");
        // 配置用户登陆和登出
        map.put("/", "anon");
        map.put("/doLogin", "anon");
        map.put("/doLoginOut", "logout");
        // authc是需要认证的，不允许匿名访问
        map.put("/**","authc");
        // 修改shiro的过滤认证级别为user,(authc)是认证过，(user)是登录过
        //map.put("/**", "user");
        chainDefinition.addPathDefinitions(map);
        return chainDefinition;
    }


    @Bean
    @DependsOn({"lifecycleBeanPostProcessor"})
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public SessionsSecurityManager securityManager(Realm realm, CacheManager cacheManager) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm);
        securityManager.setCacheManager(cacheManager);
        return securityManager;
    }


}